Modern security features for web apps

H.1309 (Van Rijn) | Day 1 | 15:30 - 16:00 | Speakers: Gianluca Varisco


Abstract

Modern web applications face a constant barrage of attacks targeting authenticated user sessions, including Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), clickjacking, Cross-Site Leaks (XS-Leaks), and even Spectre. Fortunately, recent advancements in web browser security provide developers with powerful tools to mitigate these threats. This talk delves into the latest web platform security features, equipping you with the knowledge to protect your applications. We'll explore CSP3, Trusted Types, Fetch Metadata headers, and COOP, demonstrating how these mechanisms can effectively thwart entire classes of web vulnerabilities.

